中了WD木马盗号病毒杀不掉怎么办 bbs.ikaka.com

小害虫 - 2008-7-10 0:13:00

各位高手：
非常感谢您留心我这份系统诊断报告，小菜鸟十万火急等待您的帮助！
该诊断报告由360安全卫士提供 http://www.360.cn
诊断时间: 2008-07-09 23:57:17
诊断平台: Microsoft Windows XP Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存:502.42MB - 当前可用内存:188.09MB

100 - 未知 - Process: rfwsrv.exe [Rising Personal FireWall Service] - D:\杂\瑞星杀毒\rfwsrv.exe
100 - 未知 - Process: rfwProxy.exe [Rising Personal Proxy Service] - D:\杂\瑞星杀毒\rfwProxy.exe
100 - 未知 - Process: rfwstub.exe [Rising Personal FireWall Service Rfwstub ] - D:\杂\瑞星杀毒\rfwstub.exe
100 - 未知 - Process: rfwmain.exe [Rising Personal FireWall Main Program] - D:\杂\瑞星杀毒\RfwMain.exe
100 - 未知 - Process: windows.ext [] - C:\WINDOWS\windows.ext
100 - 未知 - Process: WebPlayerDeamon.exe [远古流媒体播放器升级软件 V1.0] - C:\Program Files\VIEWGOOD\WebPlayer 2007\WebPlayerDeamon.exe
100 - 未知 - Process: SuperKiller.exe [] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.453\SuperKiller.exe
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.baidu.com/index.php?tn=sayh_3_dg
R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.baidu.com/index.php?tn=sayh_3_dg
R1 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Use Search Asst=no
O2 - 未知 - BHO: (ThunderAtOnce Class) - [迅雷浏览器高级特性支持模块] - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll
O3 - 未知 - Toolbar: (第三方IE工具栏) - [无效的CLSID:{710EB7A1-45ED-11D0-924A-0020AFC7AC4D}] - {710EB7A1-45ED-11D0-924A-0020AFC7AC4D} -
O4 - 未知 - HKLM\..\Run: [WebPlayerUpdater] [远古流媒体播放器升级软件 V1.0] "C:\Program Files\VIEWGOOD\WebPlayer 2007\WebPlayerDeamon.exe" /Hide
O8 - 未知 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder\Program\geturl.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder\Program\getallurl.htm
O8 - 未知 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - 未知 - Extra button: 迅雷5(HKLM) - C:\Program Files\Thunder\Thunder.exe
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Rsvp 1.0 Service Provider] [{9D60A9E0-337A-11D0-BD88-0000C082E69A}]C:\WINDOWS\system32\rsvpsp.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Rsvp 1.0 Service Provider] [{9D60A9E0-337A-11D0-BD88-0000C082E69A}]C:\WINDOWS\system32\rsvpsp.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll
O14 - 未知 - IERESET.INF: START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
O15 - 未知 - Trusted Zone: http://*.icbc.com.cn
O15 - 未知 - Trusted Zone: https://*.icbc.com.cn
O18 - 未知 - Protocol: AP Class Install Handler filter - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: AP lzdhtml encoding/decoding Filter - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: AP lzdhtml encoding/decoding Filter - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: AP lzdhtml encoding/decoding Filter - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: WebView MIME Filter - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\SHELL32.dll
O18 - 未知 - Protocol: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O18 - 未知 - Protocol: Microsoft HTML About Pluggable Protocol - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 未知 - Protocol: CDL: Asychronous Pluggable Protocol Handler - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: DVD: 可插入协议 - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - 未知 - Protocol: file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: ftp: Asychronous Pluggable Protocol Handler - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: gopher: Asychronous Pluggable Protocol Handler - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: http: Asychronous Pluggable Protocol Handler - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: https: Asychronous Pluggable Protocol Handler - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: Microsoft InfoTech Protocols for IE 4.0 - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - 未知 - Protocol: Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 未知 - Protocol: file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: Microsoft HTML Mailto Pluggable Protocol - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 未知 - Protocol: MHTML Asychronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
O18 - 未知 - Protocol: mk: Asychronous Pluggable Protocol Handler - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - 未知 - Protocol: Microsoft InfoTech Protocols for IE 4.0 - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - 未知 - Protocol: Microsoft HTML Resource Pluggable Protocol - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - 未知 - Protocol: Microsoft HTML Resource Pluggable Protocol - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
[

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

小害虫 - 2008-7-10 0:14:00

O31 - 未知 - SEApproved: {D8BD2030-6FC9-11D0-864F-00AA006809D9} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.2180 - 265728 - fefe188339f412ffaaf800b5ba7dbc84
O31 - 未知 - SEApproved: {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.2180 - 265728 - fefe188339f412ffaaf800b5ba7dbc84
O31 - 未知 - SEApproved: {352EC2B7-8B9A-11D1-B8AE-006008059382} - C:\WINDOWS\system32\appwiz.cpl - Microsoft Corporation - Shell Application Manager - 5.1.2600.2180 - 538112 - 46845f615595c7d87ceef2e8b446b267
O31 - 未知 - SEApproved: {0B124F8F-91F0-11D1-B8B5-006008059382} - C:\WINDOWS\system32\appwiz.cpl - Microsoft Corporation - Shell Application Manager - 5.1.2600.2180 - 538112 - 46845f615595c7d87ceef2e8b446b267
O31 - 未知 - SEApproved: {CFCCC7A0-A282-11D1-9082-006008059382} - C:\WINDOWS\system32\appwiz.cpl - Microsoft Corporation - Shell Application Manager - 5.1.2600.2180 - 538112 - 46845f615595c7d87ceef2e8b446b267
O31 - 未知 - SEApproved: {e84fda7c-1d6a-45f6-b725-cb260c236066} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.2180 - 434176 - 19d7a19f964aeeb2435bce3b215ff61b
O31 - 未知 - SEApproved: {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.2180 - 434176 - 19d7a19f964aeeb2435bce3b215ff61b
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - - - - - 0 -
O31 - 未知 - SEApproved: {3F30C968-480A-4C6C-862D-EFC0897BB84B} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.2180 - 434176 - 19d7a19f964aeeb2435bce3b215ff61b
O31 - 未知 - SEApproved: {9DBD2C50-62AD-11d0-B806-00C04FD706EC} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.2180 - 434176 - 19d7a19f964aeeb2435bce3b215ff61b
O31 - 未知 - SEApproved: {EAB841A0-9550-11cf-8C16-00805F1408F3} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.2180 - 434176 - 19d7a19f964aeeb2435bce3b215ff61b
O31 - 未知 - SEApproved: {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.2180 - 434176 - 19d7a19f964aeeb2435bce3b215ff61b
O31 - 未知 - SEApproved: {CC6EEFFB-43F6-46c5-9619-51D571967F7D} - C:\WINDOWS\system32\netplwiz.dll - Microsoft Corporation - Map Network Drives/Network Places Wizard - 5.1.2600.2180 - 847360 - f151ef66cb5fc26a647f7422ca93c092
O31 - 未知 - SEApproved: {add36aa8-751a-4579-a266-d66f5202ccbb} - C:\WINDOWS\system32\netplwiz.dll - Microsoft Corporation - Map Network Drives/Network Places Wizard - 5.1.2600.2180 - 847360 - f151ef66cb5fc26a647f7422ca93c092
O31 - 未知 - SEApproved: {6b33163c-76a5-4b6c-bf21-45de9cd503a1} - C:\WINDOWS\system32\netplwiz.dll - Microsoft Corporation - Map Network Drives/Network Places Wizard - 5.1.2600.2180 - 847360 - f151ef66cb5fc26a647f7422ca93c092
O31 - 未知 - SEApproved: {58f1f272-9240-4f51-b6d4-fd63d1618591} - C:\WINDOWS\system32\netplwiz.dll - Microsoft Corporation - Map Network Drives/Network Places Wizard - 5.1.2600.2180 - 847360 - f151ef66cb5fc26a647f7422ca93c092
O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} - - - - - 0 -
O31 - 未知 - SEApproved: {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} - C:\WINDOWS\system32\zipfldr.dll - Microsoft Corporation - Compressed (zipped) Folders - 6.0.2900.2180 - 328192 - 58f917041fe41eece83f1c80d47a5b5c
O31 - 未知 - SEApproved: {BD472F60-27FA-11cf-B8B4-444553540000} - C:\WINDOWS\system32\zipfldr.dll - Microsoft Corporation - Compressed (zipped) Folders - 6.0.2900.2180 - 328192 - 58f917041fe41eece83f1c80d47a5b5c
O31 - 未知 - SEApproved: {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - C:\WINDOWS\system32\zipfldr.dll - Microsoft Corporation - Compressed (zipped) Folders - 6.0.2900.2180 - 328192 - 58f917041fe41eece83f1c80d47a5b5c
O31 - 未知 - SEApproved: {692F0339-CBAA-47e6-B5B5-3B84DB604E87} - C:\WINDOWS\system32\extmgr.dll - Microsoft Corporation - Extensions Manager - 6.0.2900.3354 - 55808 - c2d620487bcfed740c5285ae0fda3740
O31 - 未知 - SEApproved: {63da6ec0-2e98-11cf-8d82-444553540000} - C:\WINDOWS\system32\msieftp.dll - Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension - 6.0.2900.2180 - 240128 - 2cd04182aa74b07c64ed1b04d63a9fbb
O31 - 未知 - SEApproved: {883373C3-BF89-11D1-BE35-080036B11A03} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.2180 - 47104 - 68a4e26765ef4a8b7595c90cea2a75ee
O31 - 未知 - SEApproved: {A9CF0EAE-901A-4739-A481-E35B73E47F6D} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.2180 - 47104 - 68a4e26765ef4a8b7595c90cea2a75ee
O31 - 未知 - SEApproved: {8EE97210-FD1F-4B19-91DA-67914005F020} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.2180 - 47104 - 68a4e26765ef4a8b7595c90cea2a75ee
O31 - 未知 - SEApproved: {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.2180 - 47104 - 68a4e26765ef4a8b7595c90cea2a75ee
O31 - 未知 - SEApproved: {6A205B57-2567-4A2C-B881-F787FAB579A3} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.2180 - 47104 - 68a4e26765ef4a8b7595c90cea2a75ee
O31 - 未知 - SEApproved: {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.2180 - 47104 - 68a4e26765ef4a8b7595c90cea2a75ee
O31 - 未知 - SEApproved: {8A23E65E-31C2-11d0-891C-00A024AB2DBB} - C:\WINDOWS\system32\dsquery.dll - Microsoft Corporation - Directory Service Find - 5.1.2600.2180 - 235520 - 239ce69cdc3bd018ddc240c2ff65ef68
O31 - 未知 - SEApproved: {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} - C:\WINDOWS\system32\dsquery.dll - Microsoft Corporation - Directory Service Find - 5.1.2600.2180 - 235520 - 239ce69cdc3bd018ddc240c2ff65ef68
O31 - 未知 - SEApproved: {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} - C:\WINDOWS\system32\dsquery.dll - Microsoft Corporation - Directory Service Find - 5.1.2600.2180 - 235520 - 239ce69cdc3bd018ddc240c2ff65ef68
O31 - 未知 - SEApproved: {F020E586-5264-11d1-A532-0000F8757D7E} - C:\WINDOWS\system32\dsquery.dll - Microsoft Corporation - Directory Service Find - 5.1.2600.2180 - 235520 - 239ce69cdc3bd018ddc240c2ff65ef68
O31 - 未知 - SEApproved: {0D45D530-764B-11d0-A1CA-00AA00C16E65} - C:\WINDOWS\system32\dsuiext.dll - Microsoft Corporation - Directory Service Common UI - 5.1.2600.2180 - 112128 - 3e6e0e8484d81a4fb2985b7473230dc6
O31 - 未知 - SEApproved: {62AE1F9A-126A-11D0-A14B-0800361B1103} - C:\WINDOWS\system32\dsuiext.dll - Microsoft Corporation - Directory Service Common UI - 5.1.2600.2180 - 112128 - 3e6e0e8484d81a4fb2985b7473230dc6
O31 - 未知 - SEApproved: {ECF03A33-103D-11d2-854D-006008059367} - C:\WINDOWS\system32\mydocs.dll - Microsoft Corporation - My Documents Folder UI - 6.0.2900.2180 - 88576 - c4037e9c0d602e2568c85e9fb7fde1a0
O31 - 未知 - SEApproved: {ECF03A32-103D-11d2-854D-006008059367} - C:\WINDOWS\system32\mydocs.dll - Microsoft Corporation - My Documents Folder UI - 6.0.2900.2180 - 88576 - c4037e9c0d602e2568c85e9fb7fde1a0
O31 - 未知 - SEApproved: {4a7ded0a-ad25-11d0-98a8-0800361b1103} - C:\WINDOWS\system32\mydocs.dll - Microsoft Corporation - My Documents Folder UI - 6.0.2900.2180 - 88576 - c4037e9c0d602e2568c85e9fb7fde1a0
O31 - 未知 - SEApproved: {750fdf0e-2a26-11d1-a3ea-080036587f03} - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation - Client Side Caching UI - 5.1.2600.2180 - 304128 - 1dc96b546d46b30a0e5289bab85d7252
O31 - 未知 - SEApproved: {10CFC467-4392-11d2-8DB4-00C04FA31A66} - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation - Client Side Caching UI - 5.1.2600.2180 - 304128 - 1dc96b546d46b30a0e5289bab85d7252
O31 - 未知 - SEApproved: {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation - Client Side Caching UI - 5.1.2600.2180 - 304128 - 1dc96b546d46b30a0e5289bab85d7252
O31 - 未知 - SEApproved: {143A62C8-C33B-11D1-84FE-00C04FA34A14} - - - - - 0 -
O31 - 未知 - SEApproved: {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} - C:\WINDOWS\system32\dfsshlex.dll - Microsoft Corporation - Distributed File System shell extension - 5.1.2600.2180 - 28672 - df583d3594c1259d2456d4167fa67cfc
O31 - 未知 - SEApproved: {60fd46de-f830-4894-a628-6fa81bc0190d} - C:\WINDOWS\system32\photowiz.dll - Microsoft Corporation - Photo Printing Wizard - 5.1.2600.2180 - 167424 - 3823949d3c1e17389c2273b6fb5b4f97
O31 - 未知 - SEApproved: {7A80E4A8-8005-11D2-BCF8-00C04F72C717} - C:\WINDOWS\System32\mmcshext.dll - Microsoft Corporation - MMC Shell Extension DLL - 5.1.2600.2180 - 50688 - 5d1e8bd91c7c27bdcc70e02737c0e9e8
O31 - 未知 - SEApproved: {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} - C:\WINDOWS\system32\cabview.dll - Microsoft Corporation - Cabinet File Viewer Shell Extension - 6.0.2900.2180 - 83456 - b66c66b4dab07d5362fe86882d4c52c8
O31 - 未知 - SEApproved: {32714800-2E5F-11d0-8B85-00AA0044F941} - C:\Program Files\Outlook Express\wabfind.dll - Microsoft Corporation - Find People - 6.0.2900.2180 - 32768 - 1be5d8d105cabc4f1f6668d3ad725299
O31 - 未知 - SEApproved: {8DD448E6-C188-4aed-AF92-44956194EB1F} - C:\WINDOWS\system32\wmpshell.dll - Microsoft Corporation - Windows Media Player Launcher - 10.0.0.3802 - 86016 - 184e6b5c5301631c2d477b0debe5c6b1
O31 - 未知 - SEApproved: {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} - C:\WINDOWS\system32\wmpshell.dll - Microsoft Corporation - Windows Media Player Launcher - 10.0.0.3802 - 86016 - 184e6b5c5301631c2d477b0debe5c6b1
O31 - 未知 - SEApproved: {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} - C:\WINDOWS\system32\wmpshell.dll - Microsoft Corporation - Windows Media Player Launcher - 10.0.0.3802 - 86016 - 184e6b5c5301631c2d477b0debe5c6b1
O31 - 未知 - SEApproved: {21569614-B795-46b1-85F4-E737A8DC09AD} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.3354 - 1022976 - 5af0b037fd0fcc07cfcf9d5994a68b59
O31 - 未知 - SEApproved: {640167b4-59b0-47a6-b335-a6b3c0695aea} - C:\WINDOWS\system32\Audiodev.dll - Microsoft Corporation - 便携媒体设备命令行解释器扩展 - 5.2.3802.3802 - 484352 - d56ea61a4265c0cd19764ed7b13c4b30

小害虫 - 2008-7-10 0:14:00

O31 - 未知 - SEApproved: {cc86590a-b60a-48e6-996b-41d25ed39a1e} - C:\WINDOWS\system32\Audiodev.dll - Microsoft Corporation - 便携媒体设备命令行解释器扩展 - 5.2.3802.3802 - 484352 - d56ea61a4265c0cd19764ed7b13c4b30
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 128000 - 09bf3106f4a784560985ed16d52f03fd
O31 - 未知 - SEApproved: {42042206-2D85-11D3-8CFF-005004838597} - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll - Microsoft Corporation - Microsoft Office 2003 component - 11.0.5510.0 - 67128 - 165ae7a443f2139dd2c078ad87699f91
O31 - 未知 - SEApproved: {BDEADF00-C265-11D0-BCED-00A0C90AB50F} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL - Microsoft Corporation - Microsoft Web Folders - 11.0.6715.60 - 1293008 - 32e82a0c6d4272407dc8547354efa42b
O31 - 未知 - SEApproved: {e57ce731-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll - Microsoft Corporation - UPNP Tray Monitor and Folder - 5.1.2600.2180 - 238080 - 513b4be168ea63800e7daf6a447bf993
O31 - 未知 - SEApproved: {f39a0dc0-9cc8-11d0-a599-00c04fd64433} - C:\WINDOWS\system32\cdfview.dll - Microsoft Corporation - Channel Definition File Viewer - 6.0.2900.3354 - 150016 - 3f394520a122cf2f7f21b67325b4512d
O31 - 未知 - SEApproved: {f3aa0dc0-9cc8-11d0-a599-00c04fd64434} - C:\WINDOWS\system32\cdfview.dll - Microsoft Corporation - Channel Definition File Viewer - 6.0.2900.3354 - 150016 - 3f394520a122cf2f7f21b67325b4512d
O31 - 未知 - SEApproved: {f3ba0dc0-9cc8-11d0-a599-00c04fd64435} - C:\WINDOWS\system32\cdfview.dll - Microsoft Corporation - Channel Definition File Viewer - 6.0.2900.3354 - 150016 - 3f394520a122cf2f7f21b67325b4512d
O31 - 未知 - SEApproved: {f3da0dc0-9cc8-11d0-a599-00c04fd64437} - C:\WINDOWS\system32\cdfview.dll - Microsoft Corporation - Channel Definition File Viewer - 6.0.2900.3354 - 150016 - 3f394520a122cf2f7f21b67325b4512d
O31 - 未知 - SEApproved: {f3ea0dc0-9cc8-11d0-a599-00c04fd64438} - C:\WINDOWS\system32\cdfview.dll - Microsoft Corporation - Channel Definition File Viewer - 6.0.2900.3354 - 150016 - 3f394520a122cf2f7f21b67325b4512d
O31 - 未知 - Directory Menu: {A470F8CF-A1E8-4f65-8335-227475AA5C46} - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation - Windows Shell Common Dll - 6.0.2900.3241 - 8312320 -
O31 - 未知 - Directory Menu: {750fdf0e-2a26-11d1-a3ea-080036587f03} - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation - Client Side Caching UI - 5.1.2600.2180 - 304128 - 1dc96b546d46b30a0e5289bab85d7252
O31 - 未知 - Directory Menu: {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} - C:\WINDOWS\system32\ntshrui.dll - Microsoft Corporation - Shell extensions for sharing - 5.1.2600.2180 - 137216 - 6fd08f1ef02456a30f14b8b37e78cd05
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 128000 - 09bf3106f4a784560985ed16d52f03fd
O31 - 未知 - LSA: Authentication Packages - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation - Microsoft Authentication Package v1.0 - 5.1.2600.2180 - 129536 - d31b15aa03db1f3b91ee322d4df944d0
O31 - 未知 - LSA: Notification Packages - C:\WINDOWS\system32\scecli.dll - Microsoft Corporation - Windows Security Configuration Editor Client Engine - 5.1.2600.2180 - 171008 - de51b90c8c78cabf53757a9becf002da
O31 - 未知 - LSA: Security Packages - C:\WINDOWS\system32\kerberos.dll - Microsoft Corporation - Kerberos Security Package - 5.1.2600.2698 - 295936 - e5f30164055d6441a4def03a97158f49
O31 - 未知 - LSA: Security Packages - sv1_0.dll - - - - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll - - - - 0 -
O31 - 未知 - LSA: Security Packages - C:\WINDOWS\system32\digest.dll - Microsoft Corporation - Digest SSPI Authentication Package - 6.0.2900.2180 - 68096 - f223ec0ba1e53eced14aaca1a9568f6c

=======================================

O40 - csrss.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\ijt_base.dll - Inject Base - 77d2281153e503fd5bb06f68106cbaba
O40 - csrss.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\olemon.dll - Ole Mon Dll - d7fa944c5bae1e85cf3c786354b35e26
O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\system32\WgaLogon.dll - Windows Genuine Advantage Notification - 05f92281865f486661694400a351d772
O40 - winlogon.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\ijt_base.dll - Inject Base - 77d2281153e503fd5bb06f68106cbaba
O40 - winlogon.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\olemon.dll - Ole Mon Dll - d7fa944c5bae1e85cf3c786354b35e26
O40 - services.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\ijt_base.dll - Inject Base - 77d2281153e503fd5bb06f68106cbaba
O40 - services.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\olemon.dll - Ole Mon Dll - d7fa944c5bae1e85cf3c786354b35e26
O40 - lsass.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\ijt_base.dll - Inject Base - 77d2281153e503fd5bb06f68106cbaba
O40 - lsass.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\olemon.dll - Ole Mon Dll - d7fa944c5bae1e85cf3c786354b35e26
O40 - svchost.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\ijt_base.dll - Inject Base - 77d2281153e503fd5bb06f68106cbaba
O40 - svchost.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\olemon.dll - Ole Mon Dll - d7fa944c5bae1e85cf3c786354b35e26
O40 - svchost.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\ijt_base.dll - Inject Base - 77d2281153e503fd5bb06f68106cbaba
O40 - svchost.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\olemon.dll - Ole Mon Dll - d7fa944c5bae1e85cf3c786354b35e26
O40 - svchost.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\ijt_base.dll - Inject Base - 77d2281153e503fd5bb06f68106cbaba
O40 - svchost.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\olemon.dll - Ole Mon Dll - d7fa944c5bae1e85cf3c786354b35e26
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\system32\wups.dll - Windows Update client proxy stub - 170e7431200f98c050c1f0f72dfd99bb
O40 - svchost.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\ijt_base.dll - Inject Base - 77d2281153e503fd5bb06f68106cbaba
O40 - svchost.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\olemon.dll - Ole Mon Dll - d7fa944c5bae1e85cf3c786354b35e26
O40 - svchost.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\ijt_base.dll - Inject Base - 77d2281153e503fd5bb06f68106cbaba
O40 - svchost.exe - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\olemon.dll - Ole Mon Dll - d7fa944c5bae1e85cf3c786354b35e26
O40 - Explorer.EXE - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\ijt_base.dll - Inject Base - 77d2281153e503fd5bb06f68106cbaba
O40 - Explorer.EXE - Beijing Rising Technology Co., Ltd. - D:\杂\瑞星杀毒\olemon.dll - Ole Mon Dll - d7fa944c5bae1e85cf3c786354b35e26
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\upnpui.dll - UPNP Tray Monitor and Folder - 513b4be168ea63800e7daf6a447bf993
O40 - Explorer.EXE - - C:\Program Files\Thunder\Components\ResWorker\DsBho_00.dll - DsBho - 46802b672aeb38b0accd850290b35f25
O40 - Explorer.EXE - Thunder Networking Technologies,LTD - C:\Program Files\Thunder\Components\ResWorker\DataProcessor_00.dll - DataProcessor - 59f18519edf91b6aae427f00097a98a0
O40 - Explorer.EXE - Thunder Networking Technologies,LTD - C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll - 迅雷浏览器高级特性支持模块 - 6c73ca1ecb87db28ea3c93ebb36cd965
O40 - Explorer.EXE - Thunder Networking Technologies,LTD - C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll - XunLeiBHO - a468900913f194f719b02ca18c49237e
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\sendmail.dll - Send Mail - 736995b40ef4b98717b14adaebe9fd1f

=======================================

O41 - aeaudio - Andrea Audio Noise Cancellation Driver - C:\WINDOWS\system32\drivers\aeaudio.sys - (running) - Andrea Audio Noise Cancellation Driver - Andrea Electronics Corporation - 9f59ae2de835641fbb0c6afd80d8fa9b
O41 - HookUrl - URL Filter Driver - D:\杂\瑞星杀毒\HookUrl.sys - (running) - URL Filter Driver - Beijing Rising Technology Co., Ltd. - 8957529c48f118bc52318f2abfa0e3c8
O41 - KAVBootC - Kingsoft Boot Clean - C:\WINDOWS\system32\drivers\KAVBootC.sys - (running) - Kingsoft Boot Clean - Kingsoft Corporation - ce34d18e02b20630da8528d086b7b076
O41 - nvrd32 - NVIDIA? nForce(TM) RAID Driver - C:\WINDOWS\system32\drivers\nvrd32.sys - (running) - NVIDIA? nForce(TM) RAID Driver - NVIDIA Corporation - b42efd48258527426231b584a9b23b86
O41 - RfwBase - net base driver - C:\WINDOWS\system32\drivers\rfwbase.sys - (running) - net base driver - Beijing Rising Technology Co., Ltd. - 1a9cfce3f98ffd707b58a452bf39449c
O41 - RsFwDrv - Rules Driver - D:\杂\瑞星杀毒\rsfwdrv.sys - (running) - Rules Driver - Beijing Rising Technology Co., Ltd. - 4574ddcff5df12ee8fb43a66ccd9368e
O41 - senfilt - Sensaura WDM 3D Audio Driver - C:\WINDOWS\system32\drivers\senfilt.sys - (running) - Sensaura WDM 3D Audio Driver - Sensaura - bb596a578330ad794c6769b588af6bb4
O41 - smwdm - SoundMAX Integrated Digital Audio - C:\WINDOWS\system32\drivers\smwdm.sys - (running) - SoundMAX Integrated Digital Audio - Analog Devices, Inc. - 1319ea66a96250d59665d133c0ff7cd0
O41 - ahcix86 - AMD Technology AHCI Compatible Controller Driver for Windows family - C:\WINDOWS\system32\drivers\ahci8086.sys - (not running) - AMD Technology AHCI Compatible Controller Driver for Windows family - AMD Technologies Inc. - 746c6e7ae2c6449f3cf3cf0d5e3a9222
O41 - FXDRV - FXDRV - G:\Fxdrv.sys - (not running) - - -
O41 - iaStor - Intel Matrix Storage Manager driver - ia32 - C:\WINDOWS\system32\drivers\iastor7.sys - (not running) - Intel Matrix Storage Manager driver - ia32 - Intel Corporation - e5a0034847537eaee3c00349d5c34c5f
O41 - JRAID - JMicron JMB36X RAID Driver - C:\WINDOWS\system32\drivers\Jraid.sys - (not running) - JMicron JMB36X RAID Driver - JMicron Technology Corp. - ab95b2ddb49f6b6cf52625e56c1f1f71
O41 - KAVSafe - KAVSafe Application - C:\WINDOWS\system32\drivers\KAVSafe.sys - (not running) - KAVSafe Application - Kingsoft Corporation - c11e64f4b04cdc503db74fe13b75729c
O41 - m5228 - M5228 ATA RAID Controller Driver - C:\WINDOWS\system32\drivers\m5228.sys - (not running) - M5228 ATA RAID Controller Driver - ALi Corporation. - 06c174e5c7845055c3d6317709af6423
O41 - m5281 - ALi SATA RAID Controller Driver - C:\WINDOWS\system32\drivers\m5281.sys - (not running) - ALi SATA RAID Controller Driver - ALi Corporation - a51cd61975297508d4483fcbf931d86c
O41 - m5287 - ULi SATA Controller Driver - C:\WINDOWS\system32\drivers\m5287.sys - (not running) - ULi SATA Controller Driver - ULi Electronics Inc. - 87cf2d570f452a5c1b9fc5c5a44389a5
O41 - m5288 - ULi SATA Controller Driver - C:\WINDOWS\system32\drivers\m5288.sys - (not running) - ULi SATA Controller Driver - ULi Electronics Inc. - 485ed377977dc9661626aaab614504cf
O41 - m5289 - ULi SATA RAID Controller Driver - C:\WINDOWS\system32\drivers\m5289.sys - (not running) - ULi SATA RAID Controller Driver - ULi Electronics Inc. - e1ca1ea9ad7c8c50ea533829a6854d63
O41 - MidiSyn - SoundMAX Wavetable Synthesizer (WDM) - C:\WINDOWS\system32\drivers\MidiSyn.sys - (not running) - SoundMAX Wavetable Synthesizer (WDM) - Analog Devices, Inc. - 8c7d037a53b495e7c250fd70b158b581
O41 - nvatabus - NVIDIA? nForce(TM) IDE Performance Driver - C:\WINDOWS\system32\drivers\nvatabus.sys - (not running) - NVIDIA? nForce(TM) IDE Performance Driver - NVIDIA Corporation - c03e15101f6d9e82cd9b0e7d715f5de3
O41 - nvgts - NVIDIA? nForce(TM) Sata Performance Driver - C:\WINDOWS\system32\drivers\nvgts.sys - (not running) - NVIDIA? nForce(TM) Sata Performance Driver - NVIDIA Corporation - f0bf71e77bb6d96d0a34537d151b78d1
O41 - SI3112r - Serial ATA RAID miniport driver - C:\WINDOWS\system32\drivers\si3112r.sys - (not running) - Serial ATA RAID miniport driver - Silicon Image, Inc - c82f9b4993f502361067e3ab61d46f7a
O41 - SiFilter - Windows Accelerator Driver - C:\WINDOWS\system32\drivers\siwinacc.sys - (not running) - Windows Accelerator Driver - Silicon Image, Inc. - 72cf151fb410e544904dbc7d7f29b796
O41 - SiSRaid - SiS RAID Miniport Driver - C:\WINDOWS\system32\drivers\sisraid.sys - (not running) - SiS RAID Miniport Driver - Silicon Integrated Systems - 826b83cdaafb6e164bbc1d77cb99e2ce
O41 - viamraid - VIA AHCI RAID DRIVER FOR WIN XP/SRV2003 - C:\WINDOWS\system32\drivers\viamraid.sys - (not running) - VIA AHCI RAID DRIVER FOR WIN XP/SRV2003 - VIA Technologies inc,.ltd - 1b7b0954af54e716f697c511d68c150e
O41 - vmscsi - VMware SCSI Controller Driver - C:\WINDOWS\system32\drivers\vmscsi.sys - (not running) - VMware SCSI Controller Driver - VMware, Inc. - 82132036ee4d3e8aa3e73feebe1a9741

=======================================
AntiEng.dll=4.2.0.1001
[userinit.exe情况]
MD5: 7BD70EC53CB7398246C84D25BFF33AA8
文件大小: 23552
版本信息: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
是否签名: 是
未被感染

=======================================
[URL历史情况]

[复制到剪贴板]

CODE:

[url]http://down.360safe.com/setup.exe[/url]

=======================================

瑞星卡卡安全论坛